Submitted URL: http://www.orders-vp.fas.gsa.gov/wps/portal
Effective URL: https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml
Submission: On March 29 via manual from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 34.223.206.19, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is mfalogin.fas.gsa.gov. The Cisco Umbrella rank of the primary domain is 764587.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 18th 2024. Valid for: a year.
This is the only time mfalogin.fas.gsa.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 170.225.22.19 2140 (KYN-GTS)
4 34.223.206.19 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:311... 13335 (CLOUDFLAR...)
13 18.66.147.35 16509 (AMAZON-02)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 108.138.7.126 16509 (AMAZON-02)
24 7
Apex Domain
Subdomains
Transfer
13 oktacdn.com
ok5static.oktacdn.com — Cisco Umbrella Rank: 27531
780 KB
7 gsa.gov
www.orders-vp.fas.gsa.gov
mfalogin.fas.gsa.gov — Cisco Umbrella Rank: 764587
35 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 234
55 KB
1 okta.com
login.okta.com — Cisco Umbrella Rank: 3408
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2882
416 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
899 B
24 6
Domain Requested by
13 ok5static.oktacdn.com mfalogin.fas.gsa.gov
ok5static.oktacdn.com
4 mfalogin.fas.gsa.gov ok5static.oktacdn.com
3 www.orders-vp.fas.gsa.gov 1 redirects
2 cdnjs.cloudflare.com mfalogin.fas.gsa.gov
cdnjs.cloudflare.com
1 login.okta.com ok5static.oktacdn.com
1 cdn.polyfill.io mfalogin.fas.gsa.gov
1 fonts.googleapis.com mfalogin.fas.gsa.gov
24 7

This site contains no links.

Subject | Issuer | Validity | Valid
www.orders-vp.fas.gsa.gov | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-20 - 2025-04-20 | a year
mfalogin.fas.gsa.gov | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-18 - 2025-04-18 | a year
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
*.polyfill.io | Sectigo RSA Domain Validation Secure Server CA | 2024-02-20 - 2025-02-19 | a year
*.oktacdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-15 - 2025-01-02 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
accounts.okta.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-19 - 2024-07-24 | a year

This page contains 2 frames:

Primary Page: https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml
Frame ID: C27F8FF20B31EC4D23EC391F346DD518
Requests: 23 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 992DB691F4A92B6FA5AEC2F9D1D8E80A
Requests: 1 HTTP requests in this frame

Page Title

General Services Administration - Anmelden

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 29 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 870 kB
Size: 2799 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.orders-vp.fas.gsa.gov/wps/portal HTTP 307
    https://www.orders-vp.fas.gsa.gov/wps/portal HTTP 302
    https://www.orders-vp.fas.gsa.gov/vp-landing Page URL
  2. https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.orders-vp.fas.gsa.gov/wps/portal HTTP 307
  • https://www.orders-vp.fas.gsa.gov/wps/portal HTTP 302
  • https://www.orders-vp.fas.gsa.gov/vp-landing

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
vp-landing
www.orders-vp.fas.gsa.gov/
Redirect Chain
  • http://www.orders-vp.fas.gsa.gov/wps/portal
  • https://www.orders-vp.fas.gsa.gov/wps/portal
  • https://www.orders-vp.fas.gsa.gov/vp-landing
3 KB
4 KB
Document
General
Full URL
https://www.orders-vp.fas.gsa.gov/vp-landing
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.225.22.19 , United States, ASN2140 (KYN-GTS, US),
Reverse DNS
Software
/
Resource Hash
09559fbd003bcc1801ea89be298ed2646d04939dfc9523e3d13766e132c23a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
Keep-Alive
Content-Language
en-US
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 29 Mar 2024 21:49:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=10, max=99
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
313
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 29 Mar 2024 21:49:37 GMT
Keep-Alive
timeout=10, max=100
Location
https://www.orders-vp.fas.gsa.gov/vp-landing
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Primary Request saml
mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/
57 KB
16 KB
Document
General
Full URL
https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.206.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-206-19.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cd4e6ff24c7b8523fe3d467d60ebe1b485af91a3235aa48e357f5ac984e16121
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.orders-vp.fas.gsa.gov
Referer
https://www.orders-vp.fas.gsa.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Fri, 29 Mar 2024 21:49:38 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
de
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
Zgc3cnM_Exf7ULjQud0u2wAADTU
x-rate-limit-limit
1200
x-rate-limit-remaining
1195
x-rate-limit-reset
1711749007
x-ua-compatible
IE=edge
x-xss-protection
0
favicon.ico
www.orders-vp.fas.gsa.gov/
281 B
539 B
Other
General
Full URL
https://www.orders-vp.fas.gsa.gov/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.225.22.19 , United States, ASN2140 (KYN-GTS, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.orders-vp.fas.gsa.gov/vp-landing
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 29 Mar 2024 21:49:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
Keep-Alive
Keep-Alive
timeout=10, max=98
Content-Length
281
Content-Type
text/html; charset=iso-8859-1
css2
fonts.googleapis.com/
1 KB
899 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Public+Sans&display=swap
Requested by
Host: mfalogin.fas.gsa.gov
URL: https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
800b369ff6bb35dbe7f72ed963fda2589e98a37c278b89e874ce95834a32bd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mfalogin.fas.gsa.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Mar 2024 21:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 21:10:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Mar 2024 21:49:38 GMT
polyfill.min.js
cdn.polyfill.io/v2/
103 B
416 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: mfalogin.fas.gsa.gov
URL: https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:35ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mfalogin.fas.gsa.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 21:49:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Mar 2024 07:38:54 GMT
server
cloudflare
age
1951844
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
useragent_normaliser
chrome/123.0.0
cf-ray
86c3122eae00c232-VIE
expires
Fri, 05 Apr 2024 21:49:38 GMT
okta-sign-in.min.js
ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/js/
2 MB
479 KB
Script
General
Full URL
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/js/okta-sign-in.min.js
Requested by
Host: mfalogin.fas.gsa.gov
URL: https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
155509423210d45665d173ac19884106bd2c094777c242793addc01531594d65
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mfalogin.fas.gsa.gov/
Origin
https://mfalogin.fas.gsa.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 10:05:19 GMT
x-amz-meta-sha1sum
b215b5b6dba0edc330a033f5caf946486e97a50d
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
474259
x-cache
Hit from cloudfront
last-modified
Tue, 07 Nov 2023 18:58:29 GMT
server
nginx
etag
W/"1689c4e1f96b098fa50968bba930ca01"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
ssBHKvr-J34WNGMeCErbCPJRokJrzAD3D-Ww6k8S9uJXDqCK3GYQog==
expires
Mon, 24 Mar 2025 10:05:19 GMT
okta-sign-in.min.css
ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/css/
217 KB
37 KB
Stylesheet
General
Full URL
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/css/okta-sign-in.min.css
Requested by
Host: mfalogin.fas.gsa.gov
URL: https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
19714eaf0cbf6de9f909794bddca2470bf498dc53b02f50947a5e89476251fde
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mfalogin.fas.gsa.gov/
Origin
https://mfalogin.fas.gsa.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
4cfa8d8c88cf536e49e478565a2da853267beb22
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Wed, 20 Mar 2024 05:51:26 GMT
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
835092
x-cache
Hit from cloudfront
last-modified
Tue, 07 Nov 2023 18:57:15 GMT
server
nginx
etag
W/"14a902da0701755f1c3dc816ee428221"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
aXSfwSSlhL0oGka6qR2UYwJq1Lkf_1DUI_2o5dzG6QpaGg0rakje9g==
expires
Thu, 20 Mar 2025 05:51:26 GMT
custom-signin.73947dcedbe30f708373f1b3405f6417.css
ok5static.oktacdn.com/assets/loginpage/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Requested by
Host: mfalogin.fas.gsa.gov
URL: https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
79e149cae4cee318fb0fc5beb4feec6880022de818efdb269f8cf90298d61a00
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mfalogin.fas.gsa.gov/
Origin
https://mfalogin.fas.gsa.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 13 Mar 2024 19:09:44 GMT
x-amz-meta-sha1sum
35d16198401d1fd985775d017f4a337e2a74c215
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1391994
x-cache
Hit from cloudfront
last-modified
Wed, 13 Mar 2024 18:21:58 GMT
server
nginx
etag
W/"73947dcedbe30f708373f1b3405f6417"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
Yu3qi35dK_j2-znwcgA-mx6zW9G66TLh6ayu9czs6ny8kuiH_EV0oA==
expires
Thu, 13 Mar 2025 19:09:44 GMT
uswds.min.css
cdnjs.cloudflare.com/ajax/libs/uswds/2.12.1/css/
392 KB
34 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/uswds/2.12.1/css/uswds.min.css
Requested by
Host: mfalogin.fas.gsa.gov
URL: https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ecd8aef7f7be1d80938e88919f0731df1185f9caeb43e15475b3c235468cffc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://mfalogin.fas.gsa.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 21:49:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
407026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34674
last-modified
Wed, 18 Aug 2021 21:04:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"611d75c7-8772"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S49DkJIapPKS5pZ%2FlW6vagT98l0w0BNVQPopJ33Hq4Q5Iv7eqW3zUTGVvz5b0GBA18c55d2yxSexUQtZqNqWgyCFKquEnOeigqWMIZIiVQWFsVR3xHplcJ6H1QoXnnB2oWAAn6Sm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86c3122b6c569755-FRA
expires
Wed, 19 Mar 2025 21:49:38 GMT
default.6770228fb0dab49a1695ef440a5279bb.png
ok5static.oktacdn.com/assets/img/logos/
2 KB
2 KB
Image
General
Full URL
https://ok5static.oktacdn.com/assets/img/logos/default.6770228fb0dab49a1695ef440a5279bb.png
Requested by
Host: mfalogin.fas.gsa.gov
URL: https://mfalogin.fas.gsa.gov/app/gsa_omsvendorportal95_1/exk90diexcGo24kjG297/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
9ce729df778fbee5e9bb0b6cde926b2e5c19c87ebd301e10eeaabab0d3d89c66
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mfalogin.fas.gsa.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Sat, 16 Mar 2024 10:39:07 GMT
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1163431
x-cache
Hit from cloudfront
content-length
1632
last-modified
Thu, 06 Dec 2018 08:59:48 GMT
server
nginx
etag
"6770228fb0dab49a1695ef440a5279bb"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
_zhznh2b5C7SxUmf6glcwpiITjshfgAoRpZ6H-6KXs7n-5-RRm3KPQ==
expires
Sun, 16 Mar 2025 10:39:07 GMT
initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
ok5static.oktacdn.com/assets/js/mvc/loginpage/
204 KB
76 KB
Script
General
Full URL
https://ok5static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mfalogin.fas.gsa.gov/
Origin
https://mfalogin.fas.gsa.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
91eca02abf11239ec4af7a30b1da6e2610f1b9a6
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Fri, 29 Mar 2024 06:14:45 GMT
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
56093
x-cache
Hit from cloudfront
last-modified
Tue, 07 Nov 2023 19:03:23 GMT
server
nginx
etag
W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
kSjVmMhukdzwfqUriCLgtwkpYQqouJzjnuTHsnEGw2VljXXCuCZ2ng==
expires
Sat, 29 Mar 2025 06:14:45 GMT
proximanova-light-webfont.aba797dabec6686294a9.woff2
ok5static.oktacdn.com/assets/loginpage/font/assets/
20 KB
20 KB
Font
General
Full URL
https://ok5static.oktacdn.com/assets/loginpage/font/assets/proximanova-light-webfont.aba797dabec6686294a9.woff2
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
018930498a4b01e598099a6e45d7316d54c7b1411ce2b741a3b1f1b0ed4e578b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin
https://mfalogin.fas.gsa.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
28b8b4bd234dde07b7ee63a6d32c6f275f03eca1
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
date
Sat, 16 Mar 2024 04:25:07 GMT
x-amz-cf-pop
FRA60-P4
age
1185882
x-cache
Hit from cloudfront
content-length
20052
last-modified
Tue, 07 Nov 2023 19:03:22 GMT
server
nginx
etag
"3bf194f33d52c87ea38f13e04fd41950"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
58Zr0FI1OE8BdXnhBRxYeLNc27S9vZgSd8jM6JyiU_breYdTATSa2w==
expires
Sun, 16 Mar 2025 04:24:57 GMT
proximanova-reg-webfont.353416ed0ff540352235.woff2
ok5static.oktacdn.com/assets/loginpage/font/assets/
20 KB
20 KB
Font
General
Full URL
https://ok5static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin
https://mfalogin.fas.gsa.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
2b5fcd8431953c44e410d0489899e74f6d2cfecc
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
date
Sun, 10 Mar 2024 15:09:09 GMT
x-amz-cf-pop
FRA60-P4
age
1665646
x-cache
Hit from cloudfront
content-length
20416
last-modified
Tue, 07 Nov 2023 19:01:45 GMT
server
nginx
etag
"d99a7377dabb55772ca9f986b0a04b57"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
scd3AiY0fOrThyhRjeA12b-z6QqY9sYmMkJsyCwbC5fYFM524GoHww==
expires
Mon, 10 Mar 2025 15:08:53 GMT
login_de.json
ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/labels/json/
106 KB
107 KB
XHR
General
Full URL
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/labels/json/login_de.json
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
c12a6f952c44ade1a285f399c287d32d0fa67da5eab37a8d1b1917d3fddf4fd8
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain
accept
application/json
Referer
https://mfalogin.fas.gsa.gov/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 21:49:39 GMT
x-amz-meta-sha1sum
4c3c21a4bd226f45f83ba25f8b5fc0aa3f211fb7
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-length
108646
last-modified
Tue, 07 Nov 2023 18:58:35 GMT
server
nginx
etag
"db33e019105088c579db32bc30148349"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
UOigna7v_wlD91VG2yJCqCbgo2epVIGq8Bs0YEXtkBWXx2Z-TFgJVQ==
expires
Sat, 29 Mar 2025 21:49:39 GMT
country_de.json
ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/labels/json/
5 KB
5 KB
XHR
General
Full URL
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/labels/json/country_de.json
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain
accept
application/json
Referer
https://mfalogin.fas.gsa.gov/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 21:49:39 GMT
x-amz-meta-sha1sum
251dd1ccca4c80570aee52db71eed703ac579ad8
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-length
4805
last-modified
Tue, 07 Nov 2023 18:58:33 GMT
server
nginx
etag
"51bec6463b4f7c5a26ede1fd8ee067f8"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
3lshGLqgaBLPEcQJugkBKtViXq-XfmgevCKLRoUfLtV9OowE_MkmMw==
expires
Sat, 29 Mar 2025 21:49:39 GMT
fs0jq9q704Ez4xrMP297
ok5static.oktacdn.com/fs/bco/1/
3 KB
4 KB
Image
General
Full URL
https://ok5static.oktacdn.com/fs/bco/1/fs0jq9q704Ez4xrMP297
Requested by
Host: mfalogin.fas.gsa.gov
URL: https://mfalogin.fas.gsa.gov/signin/refresh-auth-state/00nb3I7zsbPVX8EFALP_p_K4F3yGZ6eVufWQ1RysXv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
360da2cbf537a0059a9665aaaa53e719cf97725472bfd74d99e2edbe70eb684a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mfalogin.fas.gsa.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 18 Mar 2024 11:07:51 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
988908
x-cache
Hit from cloudfront
content-length
3330
last-modified
Wed, 21 Jun 2023 20:57:33 GMT
server
nginx
etag
"205105cee084577e98de9b9d603257b1"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
qr4ZBfDVlO2lrl6F_QstJtMP-7723J73BNhy1Kde7VRutpZF2UpAMg==
expires
Tue, 18 Mar 2025 11:07:51 GMT
sourcesanspro-regular-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/uswds/2.12.1/fonts/source-sans-pro/
20 KB
21 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/uswds/2.12.1/fonts/source-sans-pro/sourcesanspro-regular-webfont.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/uswds/2.12.1/css/uswds.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdnjs.cloudflare.com/ajax/libs/uswds/2.12.1/css/uswds.min.css
Origin
https://mfalogin.fas.gsa.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 21:49:39 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
578373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20540
last-modified
Wed, 18 Aug 2021 21:04:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"611d75c7-503c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F7lym%2BnssQRyYg5HECr83vv2eiscRUR%2F5RQlVp10BKF5PIwiKotPr5g4P%2BXp%2F%2FLLDTqcjR9gqPtFQ2aXOIs9BOu3dzcy4VbW17KOvKC1mCLqU20MghgdqfpU109nVRa8tkK%2FC82k"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86c3122f68799755-FRA
expires
Wed, 19 Mar 2025 21:49:39 GMT
iframe.html
login.okta.com/discovery/ Frame 992D
0
0
Document
General
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mfalogin.fas.gsa.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Age
17900
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Fri, 29 Mar 2024 16:51:20 GMT
ETag
"cb4083f71191b66321c4e0310d0383ab"
Last-Modified
Mon, 25 Mar 2024 16:51:14 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
X-Amz-Cf-Id
P2ZGCayFathIHTxyOYMRgCoVQKYheihVHxhIslLm7Xs0URMlyMEHvA==
X-Amz-Cf-Pop
FRA56-P6
X-Cache
Hit from cloudfront
favicon.ico
mfalogin.fas.gsa.gov/
5 KB
6 KB
Other
General
Full URL
https://mfalogin.fas.gsa.gov/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.206.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-206-19.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://mfalogin.fas.gsa.gov/signin/refresh-auth-state/00nb3I7zsbPVX8EFALP_p_K4F3yGZ6eVufWQ1RysXv
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 29 Mar 2024 21:49:39 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 18 Mar 2024 16:51:44 GMT
Server
nginx
etag
W/"5430-1710780704000"
Content-Type
image/x-icon
Connection
Keep-Alive
accept-ranges
bytes
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=99
Content-Length
5430
default.png
ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/img/security/
2 KB
2 KB
Image
General
Full URL
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/img/security/default.png
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
da75c3f3ce27c081541dfb59edd7e756fefe054a9e0e976356c4b0d3778bb434
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/css/okta-sign-in.min.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 11 Mar 2024 02:23:57 GMT
x-amz-meta-sha1sum
8db73b75bc7547a90aebd1377852ea3bf7cbc5ea
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
FRA60-P4
age
1625143
x-cache
Hit from cloudfront
content-length
1800
last-modified
Tue, 07 Nov 2023 18:58:25 GMT
server
nginx
etag
"04eeeba5b3538c4524d8e6828ba2c405"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
JBnt2GjkrOGzPFBP66Q7ZOvqEpyV2JFkfwd4cb7rcSi0xHxRJWJ9TA==
expires
Tue, 11 Mar 2025 02:23:57 GMT
introspect
mfalogin.fas.gsa.gov/api/v1/authn/
784 B
2 KB
Fetch
General
Full URL
https://mfalogin.fas.gsa.gov/api/v1/authn/introspect
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.206.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-206-19.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
257a17df3bab1e8b360746f7e7158ce9b3c3f68288b645e94730ebbb89b6cb4f
Security Headers
Name Value
Content-Security-Policy default-src 'self' gsa.okta.com mfalogin.fas.gsa.gov *.oktacdn.com; connect-src 'self' gsa.okta.com gsa-admin.okta.com mfalogin.fas.gsa.gov *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com gsa.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' gsa.okta.com mfalogin.fas.gsa.gov *.oktacdn.com; style-src 'unsafe-inline' 'self' gsa.okta.com mfalogin.fas.gsa.gov *.oktacdn.com; frame-src 'self' gsa.okta.com gsa-admin.okta.com mfalogin.fas.gsa.gov login.okta.com; img-src 'self' gsa.okta.com mfalogin.fas.gsa.gov *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' gsa.okta.com mfalogin.fas.gsa.gov data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Okta-User-Agent-Extended
okta-auth-js/7.0.1 okta-signin-widget-7.11.3
Accept-Language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
sec-ch-ua-platform-version
"10.0.0"
Referer
https://mfalogin.fas.gsa.gov/signin/refresh-auth-state/00nb3I7zsbPVX8EFALP_p_K4F3yGZ6eVufWQ1RysXv
sec-ch-ua-platform
"Win32"

Response headers

x-okta-request-id
Zgc3dHM_Exf7ULjQud0u7AAADTU
Date
Fri, 29 Mar 2024 21:49:40 GMT
content-security-policy
default-src 'self' gsa.okta.com mfalogin.fas.gsa.gov *.oktacdn.com; connect-src 'self' gsa.okta.com gsa-admin.okta.com mfalogin.fas.gsa.gov *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com gsa.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' gsa.okta.com mfalogin.fas.gsa.gov *.oktacdn.com; style-src 'unsafe-inline' 'self' gsa.okta.com mfalogin.fas.gsa.gov *.oktacdn.com; frame-src 'self' gsa.okta.com gsa-admin.okta.com mfalogin.fas.gsa.gov login.okta.com; img-src 'self' gsa.okta.com mfalogin.fas.gsa.gov *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' gsa.okta.com mfalogin.fas.gsa.gov data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
600
x-content-type-options
nosniff
Content-Encoding
gzip
x-rate-limit-remaining
588
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
Vary
Accept-Encoding,Origin
Content-Type
application/json
access-control-allow-origin
https://mfalogin.fas.gsa.gov
x-rate-limit-reset
1711748980
access-control-allow-credentials
true
cache-control
no-cache, no-store
access-control-allow-headers
Content-Type
Keep-Alive
timeout=5, max=98
expires
0
favicon.ico
mfalogin.fas.gsa.gov/
5 KB
6 KB
Other
General
Full URL
https://mfalogin.fas.gsa.gov/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.206.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-206-19.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://mfalogin.fas.gsa.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 29 Mar 2024 21:49:40 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 18 Mar 2024 16:51:44 GMT
Server
nginx
etag
W/"5430-1710780704000"
Content-Type
image/x-icon
Connection
Keep-Alive
accept-ranges
bytes
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=97
Content-Length
5430
checkbox-sign-in-widget.png
ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/img/ui/forms/
3 KB
4 KB
Image
General
Full URL
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ok5static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.11.3/css/okta-sign-in.min.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
e0bb021ffdf93c68fef44de2a3b08f378b6fb50a
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 04:20:44 GMT
x-amz-cf-pop
FRA60-P4
age
408535
x-cache
Hit from cloudfront
content-length
3141
last-modified
Tue, 07 Nov 2023 18:58:26 GMT
server
nginx
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
KGJDCYLoRd1AqguPfZ0jGAdouwGeZ7D3CettTnPB6H525YxwjPhBng==
expires
Tue, 25 Mar 2025 04:20:44 GMT
proximanova-sbold-webfont.41acb8650115f83780fc.woff2
ok5static.oktacdn.com/assets/loginpage/font/assets/
20 KB
20 KB
Font
General
Full URL
https://ok5static.oktacdn.com/assets/loginpage/font/assets/proximanova-sbold-webfont.41acb8650115f83780fc.woff2
Requested by
Host: ok5static.oktacdn.com
URL: https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-35.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ok5static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin
https://mfalogin.fas.gsa.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1sum
dd4beda27e8057403b27d1276ca9d68902692615
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
date
Sun, 10 Mar 2024 06:32:57 GMT
x-amz-cf-pop
FRA60-P4
age
1696606
x-cache
Hit from cloudfront
content-length
20328
last-modified
Tue, 07 Nov 2023 18:59:59 GMT
server
nginx
etag
"27429b092c0595aa8803b611bd7508f3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
Xv38YIqTqTOme1_lYskjFGI2Qnq5rcqiTXgHdGMzL0kynfHa6vHhWQ==
expires
Mon, 10 Mar 2025 06:32:54 GMT

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onpagereveal
object| regeneratorRuntime
function| jQueryCourage
object| u2f
function| OktaSignIn
function| signInSuccessCallBackFunction
object| oktaData
function| runLoginPage
object| OktaUtil
string| AFPAppLabel
function| getOKTASignInWidgetConfig
function| getOKTARequestContext
function| getClientId
function| getRedirectURI
function| getAppURL
function| getAppHostName
function| getAppLogo
function| getAppLabel
function| getStoreName
function| getStoreLogo
function| getStoreLabel
function| checkSessionTimeout
function| createPIVToolTip
object| config
object| initialTime
object| requestContext
string| clientId
string| storeName
string| appLogo
undefined| appURL
undefined| appHostName
undefined| appLabel
undefined| stylesheet
undefined| head
undefined| link
undefined| sessionTimeout
function| hasClass
function| addClass
function| removeClass
object| oktaSignIn
object| OktaLogin
object| jQBrowser

7 Cookies

Domain/Path Name / Value
www.orders-vp.fas.gsa.gov/ Name: JSESSIONID
Value: 0000SQoAT734XIEWS_SdLWu_Y-i:0fd8d480-7bc2-4ede-81e2-69a3ed1d3103
www.orders-vp.fas.gsa.gov/ Name: WASInitialRequest_sp_initial_79eh0PxZEc0VHjYTVUYINdPqRCzAOqIP
Value: rO0ABXNyADxjb20uaWJtLndzLnNlY3VyaXR5LnNhbWwuc3NvMjAuaW50ZXJuYWwudXRpbHMuSW5pdGlhbFJlcXVlc3QAAAAAAAAAAQMACFoAFGlzRm9ybUxvZ291dEV4aXRQYWdlTAASZm9ybUxvZ291dEV4aXRQYWdldAASTGphdmEvbGFuZy9TdHJpbmc7TAAGbWV0aG9kcQB-AAFMAApwb3N0UGFyYW1zcQB-AAFMAAZyZXFVcmxxAH4AAUwACnJlcXVlc3RVUkxxAH4AAUwAD3NhdmVkUG9zdFBhcmFtc3QAE0xqYXZhL3V0aWwvSGFzaE1hcDtMABFzdHJJblJlc3BvbnNlVG9JZHEAfgABeHB3hQAsaHR0cHM6Ly93d3cub3JkZXJzLXZwLmZhcy5nc2EuZ292L3ZwLWxhbmRpbmcALGh0dHBzOi8vd3d3Lm9yZGVycy12cC5mYXMuZ3NhLmdvdi92cC1sYW5kaW5nAANHRVQAIV9SVzJ6aVJnYXZXUHF2ZG9EcTFVRnFoTUVlaklRZXd2MAB4_iyIK86e5JMeNVGV0ado4vRPkF9JGMrf5mvjBvBnBtDc=
www.orders-vp.fas.gsa.gov/ Name: WASSamlReq_yudecblM
Value: https%3A%2F%2Fwww.orders-vp.fas.gsa.gov%2Fvp-landing
mfalogin.fas.gsa.gov/ Name: t
Value: sea
mfalogin.fas.gsa.gov/ Name: DT
Value: DI1YjbegS3wQhWDXyWcIn19Pg
mfalogin.fas.gsa.gov/ Name: JSESSIONID
Value: D71D573304AF0730187ACB4184300449
mfalogin.fas.gsa.gov/ Name: oktaStateToken
Value: 00nb3I7zsbPVX8EFALP_p_K4F3yGZ6eVufWQ1RysXv

1 Console Messages

Source Level URL
Text
network error URL: https://www.orders-vp.fas.gsa.gov/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
